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1A. AMENDMENT OF SOLICITATION NO. 1B. DATED 


Metropolitan Washington Airports Authority 91. 
Procurement and Contracts Dept., MA-29 RFP-21-22745 August 23, 2021 


2733 Crystal Drive 2A. AMENDMENT NO. 2B. EFFECTIVE DATE 
Arlington, VA 22202 
: Two (002) October 5, 2021 


The solicitation identified in Block 1A is amended as set forth in Block 3. Hour and date specified for receipt of offers [] is extended, 

& is not extended. Offerors must acknowledge receipt of this amendment prior to the hour and dated specified in the solicitation or as amended, by 
one of the following methods: (a) by completing Block 4 and returning copy of the amendment; (b) by acknowledging receipt of this amendment on 
the Solicitation Offer and Award Sheet, Block 13. FAILURE OF YOUR ACKNOWLEDGMENT TO BE RECEIVED AT THE PLACE DESIGNATED 
FOR THE RECEIPT OF OFFERS PRIOR TO THE HOUR AND DATE SPECIFIED MAY RESULT IN REJECTION OF YOUR OFFER. 


3. DESCRIPTION OF AMENDMENT 

The Metropolitan Washington Airports Authority Solicitation RFP-21-22745, entitled “Baggage Handling 
Systems High Level Controller Software (BHS-HLCS) at Washington Dulles International Airport” is 
amended as follows: 


A. SECTION X — ATTACHMENTS, ATTACHMENT 01 - STATEMENT OF WORK, SECTION IV — 
SCOPE OF WORK. 02. GENERAL REQUIREMENTS, Section H is hereby deleted in its entirety and 
replaced as follows: 


H. The HLCS will meet the standards of TSA Planning Guide and Design Standards that each 
system was certified as. The South Baggage Basement is certified to PGDS 1, the West 
Baggage is certified to PGDS 3. The expectation is to upgrade reporting and other features to 
the extent possible without modifications to PLCs and CBRA equipment. 


. SECTION X — ATTACHMENTS, ATTACHMENT 01 - STATEMENT OF WORK, SECTION IV — 
SCOPE OF WORK. 10. ENTERPRISE CAPABILITY, Section C is hereby deleted in its entirety and 
replaced as follows: 


C. The software will allow API for data to include, but not limited to data used for reporting in 
Section IV Scope of work, Part 09 Web Client Functionality, Item K. The software shall allow 
API for primary operational data to include sortation data, number of bags, number of failures, 
failure details (type, time, duration, airline, etc.), downtime (planned, unplanned) with 
time/duration. The software will allow API for operational downtime of in-line screening 
equipment to include specific equipment. All maintenance related data should be available to 
include but not limited to run times and individual equipment chronometer readings. In all 
instances, SSI and names or identification of people is not required and should be removed. 


. SECTION X — ATTACHMENTS, ATTACHMENT 01 - STATEMENT OF WORK, SECTION IX — 
APPENDICES, APPENDIX A —- SYSTEM CONTROL DESCRIPTIONS is hereby deleted in its 
entirety and replaced by APPENDIX A — SYSTEM CONTROL DESCRIPTIONS 


Except as provided herein, all terms and conditions of the document referenced in Block 1A, as heretofore changed, 
remain unchanged and in full force and effect. 
4A. NAME AND TITLE OF OFFEROR 4B. SIGNATURE 4C. DATE 


MWAA Form PR-06 (Rev. 3/2017) 


. SECTION X — ATTACHMENTS, ATTACHMENT 01 - STATEMENT OF WORK, SECTION IX — 
APPENDICES, APPENDIX B — BHS / CBIS DRAWINGS is hereby deleted in its entirety and replaced 
by APPENDIX B — BHS / CBIS DRAWINGS 


. SECTION X — ATTACHMENTS, ATTACHMENT 01 - STATEMENT OF WORK, SECTION IX — 
APPENDICES, APPENDIX F — MWAA OFFICE OF TECHNOLOGY SECURITY STANDARDS is 
hereby deleted in its entirety and replaced by APPENDIX F — MWAA OFFICE OF TECHNOLOGY 
SECURITY STANDARDS 


. SECTION X — ATTACHMENTS, ATTACHMENT 02 - EVALUATION CRITERIA AND PROPOSAL 
SUBMISSION REQUIREMENTS, 02 PROPOSAL SUBMISSION REQUIREMENTS, Criterion 1: 
Software Understanding: add Criterion “E” as follows: 


E. The Offeror must provide a schedule detailing all major and secondary events. This schedule 
must be provided in a Gantt chart and provide the project timeline in Microsoft Project. 


. SECTION X — ATTACHMENTS, ATTACHMENT 02 - EVALUATION CRITERIA AND PROPOSAL 
SUBMISSION REQUIREMENTS, 02 PROPOSAL SUBMISSION REQUIREMENTS, Envelope 1: 
Representation Package, sub-section “d” and “f’ is hereby deleted in its entirety. 
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a a a we || « ew |) « we || « we || « we |) « 
5 5 5 & 6 || 6 6 |) 6 6 |) s & || s 6 |) 6 
2 2 2 g S|) S|) S|) 2 S|) 2 S|) 
b b Fad Fad & || 5 6 |) 6 6 |) 6 & || 5 5 |) 5 
BS BS BS as BS é 3} } 3} BS 2} BS BS 3} 
g rd rg 2 £ || 2 £ || 2 z || 2 2 || 2 £ || 2 
Mecca ptcR aIs2A, PLC CeIS2A Pic Se MCP-SED2—1 MCP-SED2-2 MCP-SED2A McP-SED28 McP-SCB2—1 
A A : MD-6596-21-10 MD-6596-21-11 MD-6596-21-12 MD-6596-21-13 MD-6596—21-15 
A SCB2-2_A/SCB2-2_B7A A $SB2_A/SSB2_B/A 
| =) 
SPL2_A/SCB2-2_A/A SCB2—2_B/SSB2_A/A $SB2_B/PICK-2/A PICK-2/WORK-2/A, 
SCB2-2_A/SCB2-2_8/B SSB2_A/SSB2_B/B 
Ff 
| | <CSPL2_A/SCB2-2_A/B > | | | | SCB2-2_B/SSB2_A/B | | | | $SB2_B/PICK-2/B | | PICK—2/WORK-2/B | 
= (|e g || & g gs 
6 6 6 6 6 g g 
: a || ¢ alls i i 
= = = La = = = 
MCP-SPL2 MCP-SCB2-2 McP-SSB2 JB/PICK-2 JB/WORK-2 
MD-6596-21-17 MD-6596-21-16 MD-6596-21-14 CBRA PICK STATIONS CBRA WORK STATIONS 
SSB2-07/12 ScB2C-01 
HAND HELD SCANNERS HAND HELD SCANNERS 
CBIS1A_4/CBISIB_47A CBIS2A_4/CBIS2B_4/A 
( 
DS 
CBIS1B_4/CBIS2A_4/A CBIS2B_4/OUTIA_4/A CBIS1A_4/SED1A-14/A ‘SED1A-14/SED1B-14/A, SED1B-14/SED2A-14/K SED2A-14/SED2B-14/A. 
To EXISTING OUTBOUND 
PLC ENCLOSURE SHT. 2 
CBIS1A_4/CBIS18_4/B CBIS2A_4/CBIS28_47B 
f 
) 
| | | BIS 1B_4/CBIS2A_4/B | | (CBIS2B_4/0UTIA_4/B CBIS1A_4/SEDIA-14/8 | A SEDIA-14/SED1B- 14/8. | | A SEDIB-14/SED2A-1478 | | A SED2A-14/SED2B-14/8. 
ono) ®|/ © © g) ®@ ® 
& || & Paes 3 4 x 4 
& || 6 6 || 6 PLC COMMS. ? ? 7 7 
ra ra rs Ps 
ge] 8 g|/ 8 NETWORK g z z z 
JB/SEDIA—14 0B /SEDIB-14 B/SEDZA—14 JB /SED2B- 14 
PLC-CBIS1A/B PLC-CBIS2A/B Far far 6600 3-6600 
EDS INTERFACE EDS. INTERFACE EDS. INTERFACE EDS INTERFACE 
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JERVIS 8. WEBB COMPANY 


CBIS2B_4/OUTIA_4/A 


¢ 


MCP-PLC ENCLOSURE 


OUTIA_4/0UT1B_47A 


PLC COMMS. NETWORK 


OUT2A_4/0UT2B_47A, 


y 


FROM CBIS PLC 
ENCLOSURE SHT. 1 


OUTIB_4/0UT2A_47A 


OUT2A_4/0UT2B_4/8, 


(OUT2B_4/PLC3_6/A 


QUT! ATR/ENCODER NETWORK 


OUTIA_5/0UT1B_5/A 


(OUTIB_5/ML1—ATR/A 


OUTIA_5/0UT1B_5/B 


ML1-ATR/PLC1_0/A 


OUT2A_5/0UT2B_5/A 


OUT2 ATR/ENCODER NETWORK 


(OUT2B_5/ML2-ATR/A 


OQUT2A_5/OUT2B_5/8, 


ML2-ATR/PLC2_0/A 


NOTES: 

1. ALL CABLING ON THIS SHEET IS BELDEN #3092A UNLESS 
OTHERWISE. SPECIFIED. 

CONTROLNET NODE NUMBER NOTED AS (). 

CONTROLNET TERMINATOR SHOWN AS LETTER T. 

CONTROLNET CABLE MUST NOT BE RUN IN CONDUIT OR WIRE WAY 
WITH A/C WIRING. 

DASHED LINES INSTALLED BY ELECTRICAL CONTRACTOR. 


pee 


al 


JERVIS B. WEBB COMPANY 


A 


ee | a | a | a | 
: CBIS2B_4/0UTIA_4/B is OUT1A_4/0UT1B_4/8 i Ie 
, | | ‘OUTIB_4/OUT2A_4/8 | | | (OUT2B_4/PLC3_6/B i | | | QUT1B_5/ML1-ATR/B. | ML1-ATR/PLC1_0/B : | | OUT2B_5/ML2-ATR/B. | ML2—ATR/PLC2_0/B i CONTROLNET CABLE INDEX 
oie) ®][@ @ lomiKe) lo) @ lolike) lo) @ CONTROLNET CABLES LABELS ARE FORMATTED AS FOLLOWS: 
5 Ea 5 5 5 5 Ea gS & 5 Ea s 5 
5 & S 6 é 6 6 a é 6 é g é RACK#/RACK #/PRIMARY OR SECONDARY 
$ || 3 ales 4 || 3 + s a || $ Rs 
g || 2 g || 2 8 g || 8 a z ale 2 ze 
FROM RACK 
PLC-OUTIA/B PLC-OUT2A/B MCP-PLC3 PLC-OUTIA/B ML1-ATR MCP-PLC1 PLC-OUT2A/B ML2-ATR MCP-PLC2 RAG 
NOTE: FIELD WIRING TO BE TAGGED 
A OR B BY ELECTRICAL CONTRACTOR. 
OUTBOUND 1/0 NETWORK 
OUT2A_3/0UT2B_3/A 1+. OUTIA_3/0UT1B_37A << ALOUT/A/O_> << ALOUI/A/O_> [<< AOUT/AI/0_>> 
PAGS 0/0UTE S/R R83 OTIA 37H <a SANA > Amin > <ai> <A> CA <hamn > Rouse > | Co mouAo > | Co AaIA > | Co Roo > | CATAL <TAmmiAe > 
7 ees |) —amsocs] Y) aecneS| ) —earee amr | |) | aaa Sear | Ya | Yrs re oS con | ea YY | re 
@ @|[O ©|[@ @l[@ @|[@ @ ic) @ @ @ ic) @ (OMI Ke) 
Fe a || g g || s g || g 5 || g & g & i z 7 z i g || 8 
6 & || $ [ee & || & & || § $ ii 6 3 8 8 8 8 8 || § 
8 8 || 8 8 || 8 8 || 8 8 || 8 8 3 8 a a Be Bt ae 8 || 8 
& ey és gy és gy és ey és & & g & 8 8 g 8 gy 8 
MCP=PLC3 Pic-ou Pic-ount eNED WCPLMEI NCP—0S2 da oe ee NCP—0S2 ML2_3 VFD ML2_2 VFD ML2_1 VFD ML2_4 VFD ML2_5 VFD 
& 
& 
MCP-ML2 
ALOUT/A_I/O << _Aou/nyo_> | _Aour/Aso ALOUT/A/O <_A0ur/A/0 = < _AouT/o__> << Aur/ao__—> << Aournifo > <A oUTA/O > < Aour/ayo > <_Aou/A/o__ > AOU/AO > | _ AoUT/A/O_= > 
B_OUT/B_1/0 | [aa | |< ane | | sanyo >| omen | | | < somo <u >| | < _Bo/a/o_—> << 80a > [aan >] | B_OUT/B_1/0 | [2a < BOB. | | | | <_s0r/e/9 > 
ic) ®@ @ @ @ : eR Ke) {o) (a) @ lo) (6) @ RIES) | 
i Z d ad Z gl & & & & % Fe Pale a 
- = 4 Zz = z= Zz Zz z= 4 hid 
§ § § 8 & 31] 3 3 3 3 5 3 31] 3 . 
g & g & R evs & Rg Rg & & g gy 8 g 
MLI_1 VFD ML1_2 VFD MLI_3 VFD ML1_4 VFD ML15 VFD MCP—OT2A MCP-TC11 MCP-CSS . MCP-CS6 g 
4 Ey 
MCP—ML1 MCP-OT2 MCP-OT1 
4 mm 
3.7 mm 
z “-1786—RPCD . 8.3 mm 
<A> ALQUT/A/O t ofS fire6-nea| | tr ALOUT/A/O ALOUT/AL/O> | <__ALOUT/AL/0 ALOUT/A./0 <_AouT/A/0 <_AuT/ai/o ALOUT/A/0 CRIMP. FERRULE 
REPEATER ADAPTER | | 
E 1786—RPCD 
T 
< Bou/ayo > | | nono > cH 786-RPAL-} shy B_OUT/B_I/0 | |< 2oneave | [<< eowrave B_OUT/B_I/0 | | B_OUT/B_1/0 | B_0uT/B_/0 > | 7 BELDEN #3092A (PVC) COAX caste 2 
| 
& (2) REPEATER ADAPTER & [2] [z) & @B (a) [7z) 
& 5 5 g & s & 5 s CENTER EN 
& é & é 8 é 3 & é CRIMP TO CENTER CONDUCTOR 
8 2 2 8 8 Fd 8 2 8 
= = = = = = = = = CONNECTOR BASE 
MCP-TC10 MCP-TC13 MCP-TC7 MCP-TC8 MCP-CS4 MCP-TC9 MCP—CS3 MCP-TC6 
ALLEN BRADLEY CONTROLNET CONNECTION DETAIL 
MCP—TC12 
PLC COMMUNICATIONS — CONTROLNET 
FOLLOW THE INSTRUCTIONS IN THE ALLEN BRADLEY CONTROLNET COAX TOOL KIT #1786-CTK 
FOR DETAILED INSTALLATION, AND STRIP TOOL CALIBRATION REQUIREMENTS. 
NOTE: MANY NETWORK PROBLEMS ARE DUE TO IMPROPERLY INSTALLED CONNECTORS. 
PULL THE CONNECTOR TO VERIFY THAT IT IS ATTACHED SECURELY. IF IT 
IS LOOSE OR COMES OFF, SNIP OFF THE CONNECTOR AND INSTALL A NEW ONE. 
‘AS BUILT" 
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GROUP 
WEBB 34375 W. TWELVE MILE RD 
FARMINGTON HILLS, MI. 
COMPANY 48331-5624 
tne” SYSTEM WIRING DIAGRAM 
CONTROLNET 
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FROEET DESIGNED TRA FROUECT 
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BHC ENCLOSURE 


BHC ETHERNET 
NETWORK SWITCH 


BHC/NSW-1 
ri 5 
o 
2 
a 
3 
a 
SEE DRAWING 
> WD-6596-04-01 
‘ FOR WIRING 
4 DETAILS 
5 
o 
i y 
7 
a SPARE 
8 
o SPARE 
9 
o SPARE 
10 
o SPARE 
Mf SEE DRAWING 
WO-6596-04-01 
FOR WIRING 
DETAILS 
12 
Oo SPARE 
"RU-45" 
JACKS 9) 
13 
o SPARE 
14 
o SPARE 
15 
o SPARE 
16 
o SPARE 
17 
o 
18 
o SPARE 
19 
o SPARE 
20 ) 
o 
21 
o 
22 SEE DRAWING 
ao > WD-6596-04-01 
FOR WIRING 
DETAILS 
23 
qo 
24 
o 
Ne a 
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BHC ENCLOSURE 


BHC ETHERNET 


NETWORK SWITCH (CONT.) 


NOTES: 
1, ALL DASHED WIRES INDICATE FIELD WIRES TO BE SUPPLIED 


BHC/NSW—1 E-NET PATCH PANEL BY THE WEBB ELECTRICAL CONTRACTOR. 
(020346) (020346) 2. FIELD WIRING TO BE TAGGED BY ELECTRICAL CONTRACTOR. 
4 3. ALL CAT—5E ETHERNET CABLING ON THIS SHEET IS BELDEN 
o a 7 ® a PEG OUTBOUND TIA #1533R UNLESS OTHERWISE SPECIFIED. 
a6 Z Gutan/erP-P2><> 4 PLC/OUTBOUND—2A A 
1756—ENET CABLE ASSEMBLY SCHEDULE 
> CABLE # TYPE MANUFACTURER | PART # 
27 3 €BIS1A/EPP—P3 PLC/CBIS—1A ETHERNET 
o oOo Oe ase NST ® | pues (CAT -6) BLACK BOX EVNSL641 
SERIAL 
© } DB25M TO DB9F Of ZoQ0064> 
28 4 BIS2A/EPP—P4 PLC/CBIS—2A SERIAL EATON/ 
o o- i Meeec ENE & | veo To R-45| POWER WarE | INT-0035 
29 5 PIS1/EPP—P5 ><t> PIS-1 _ DB25F] SERIAL 1 SERIAL 2 RI-45 
a ce a DIG! K >O UPS 1 A 
PORTSERVER TS—1 DB25M DB9F BOM RJ—45 
30 6 TPP1—1/EPP—P6 <)> TELESPOWER POLE 1 <_RP-1/TPP1-1 RP-1 
o o— T — +0 Rv45 REPORT A 
RItS7RIaS | -E-NET CABLE - 6 BRINTER 1 
31 7 TPP1—2/EPP—P7 <P TELEXPOWER POLE 1 <AP=1/TPP1=2_ > AP—1 
Oo o— T — +0 Rv45 ALARM A 
RJ45/RU45 E-NET CABLE — 6 PRINTER 1 
32 8 Ui1/EPP_-P8_><I> 
Oo oO © ul-1 COMPUTER A 
33 9 MDS1/EPP—P9 ><> 
Oo a | wps-1 computer | & 
on 10 BG /EPP—P10 > > MCP/IB—6 
o a O 4747-1551 
DETAIL “A” 
1th, <is8/EPP—PIT >< g MCP/IB-8 110 PUNCHDOWN CONTACT 
1747-551 TERMINATION BOX 
a 12 Bio/err—PIz>) MCP/IB-10 0) = TWISTED PAIR 
o "110" a OT 4747-1551 
saya CONTACTS 
ees SEE DETAIL 4 | 
37 13 Bi2/EPP_Pi3><> NEP/IB=i2 =. (\BRN/WHT ' 
5 A SD 1747-1551 & }WHT/BRN ; 
s GRN/WHT), g 
g 
(| wat/Btu 5 
38 14 OS3/EPP—PIE ><> MCP/0S—3 °° f | z 
Oo o- TS 4747=4551 3 
; - aS WHT/GRN f\ 
: as AORG/WHT 
S = TELE=POQWER. POLE. 
7 15 TRPI=S/EPPI=PIS> CD TELE: POWES = PROGRAMMING z MWHT/ORG 
PORT 2 U 
RJ45/RI45 
40 16 TPP1=4/EPP1-PIE> <PTELESPOWER POLE 1 = BRogRaMMING = AL 
o o— : = o PORT 110 CONTACT CONNECTION DETAIL 
RJ45/RJ45 
41 v7 Mez/eprpPTT > MANUAL ENCODE 2 
o (020332) F- —|—a- os aa anOP A 
49 4g QDDDDD/PXX> CABLE NUMBER 
re 5 DDDDDD — DESTINATION EQUIPMENT 
PXX — ETHERNET SWITCH/PATCH PANEL PORT # 
43 19 
o o 
44 20 
ia ia] 
45 21 
a o 
46 22 
ia o 
47 23 ETHERNET CONNECTIONS " " 
u i AS BUILT 
48 24 J B 
o Vo ERVIS B. AIRPORT SYSTEMS 
GROUP 
WEBB 34375 W. TWELVE MILE RD 
FARMINGTON HILLS, MI. 
E-NET PATCH PANEL 48331-5624 iM 
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TRE™’ SYSTEM WIRING DIAGRAM 
ETHERNET 
CUSTOMER WASHINGTON DULLES INTERNATIONAL AIRPORT 
SOUTH BAGGAGE BASEMENT EDS IN-LINE HIGH VOLUME BAGGAGE SCREENING 
FORE SeseNe Tan SaoeaT 
A | 06/09/11[NO CHANGES TO THIS SHEET wic | SH a Se eeeR EaeaREE , ee me aE aoe EMAL 
As [05/17/10 ADDED MANUAL ENCODE, TELE-POWER. CHANGED LOCATIONS | AH SH | 034 = ae as 
mine 7 B6596 NUMBER WD-6596—02—00 REVISION 
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BHC ENCLOSURE 


BHC ETHERNET 


E-NET PATCH PANEL (CONTD.) 


FROM SHEET 2 


NOTES: 
1, ALL DASHED WIRES INDICATE FIELD WIRES TO BE SUPPLIED 


NETWORK SWITCH (CONT. 
020400 BHC ETHERNET 20450 ene ) BY THE WEBB ELECTRICAL CONTRACTOR. 
NETWORK SWITCH (020446) (020446) 2. FIELD WIRING TO BE TAGGED BY ELECTRICAL CONTRACTOR. 
BHC/NSW-2 “ 4 3. ALL CAT—5E ETHERNET CABLING ON THIS SHEET IS BELDEN 
(a > #1533R UNLESS OTHERWISE SPECIFIED. 
‘a ~ 
25 25 GUTB/EPP-P2<D ; PLC/OUTBOUND- 1B 
2 1756—ENBT A 
a 
bath asta 26 29 | | CiRB/ePP-PIBS — B16 /OUTBOUNDW28 CABLE ASSEMBLY SCHEDULE 
3 1756—ENET CABLE # TYPE MANUFACTURER | PART # 
SEE DRAWING ETHERNET 
> WD-6596-04-01 ~ O-= | eiae (aT -6) BLACK BOX | EVNSL641 
FOR WIRING 27 27 CBIS1B/EPP—P2 PLC/CBIS—1B 
: raf o o 1756_ENBT &} SERIAL DIGI 76000645 
oO DETAILS DB25M TO DBOF 
SERIAL EATON/ 
. & | som To Rv—45| Power ware _| INT-0035 
5 28 28 CBIS2B/EPP—P2B <> | PLO/CBIS-28 
a 1756—ENET 
020410 020460 co <<ups2/P1s2_> 2 
7 29 29 PIS2/EPP—P2> <1> PTS—2 _ DB255] SERIAL 1 SERIAL 2 R45 
a d Oo Oo Oo DIGI K >O ups 2 A 
PORTSERVER TS—1 DB25M DB9F DB9M RJ—45 
a 30 30 TPP2-1/EPP1—P30 <1 TELEXPOWER POLE 2 <_RP—2/TPP2—1 Bees 
ia] SPARE a o : — +O R45 REPORT A 
RAS Riss | -ETNET CABLE - 6 PRINTER 2 
8 1 31 TPP2-2/EPP1—P3i TELE-POWER POLE 2 < AP—2/TPP2—2 Ap—2 
020415 a SPARE 020465 o o © T — +0 Ru45 ALARM A 
R45 /RI45 E-NET CABLE — 6 PRINTER 2 
9 
% 2 || aperam> } 
o SPARE o a Ol Ul-2 COMPUTER A 
10 
co | spare 33 33 WDS2/EPP—P33> <D ‘ 
o a Ol MDS—2 COMPUTER 
020420 Pe 020470 
a aw 
oO | spare 54 34 1B5/EPP—P34> <> 5 MGP/IB-5 DETAIL “A 
TEST zee! 110 PUNCHDOWN CONTACT 
i2 pts TERMINATION BOX 
Qo WD—6596-04-01 oo a 187/EPP—P35> <> 4 MCP/IB-7 
"ets ape ira ~ TsreD PAR 
13 
in| SPARE 
36 36 189 /EPP—P3E> & MCP /IB_9 
: 020425 020475 o cont ios a ai MCE /IB 9 SS A.BRN/WHT 5 
* 14 "RU-45' 2 SEE DETAIL “A” < £ WHT/BRN : 
i o SPARE JACKS 4 
GRN/WHT) g 
37 37 <OS11/EPP-P37 gq «MCP/IB+14 WHT/BLU 5 
2 Oo G 1747-{581.. + a : 
* 15 : { BLU, war § 
ia] SPARE : f 
38 38 TPP2—3/EPP—PSB> CTELE-POWER POLE 2 Ss WHT/GRN fy 
Oo ot n BROGHAMMING A $ fORG/WHT 
3 Rd45/7RI45 WI WHT/ORG 
020430 Oo | spare 020480 nee oe V 
39 39 TPP2—4/EPP1—P3I> TELEPOWER POLE 2 programming AL 
o a Fi O PORT 
ie SPARE RU45/RU45 110 CONTACT CONNECTION DETAIL 
40 40 E1/EPP—P4Q_ > 5 MANUAL ENCODE 1 
18 El a AB 1200P 
o SPARE 
41 41 
020435 19 > 020485 Oo oO DDDDDD/PXX> CABLE NUMBER 
Oo DDDDDD — DESTINATION EQUIPMENT 
PXX — ETHERNET SWITCH/PATCH PANEL PORT # 
42 42 
20 Oo o 
o 
43 43 
21 Oo Oo 
o 
020440 SEE DRAWING 020490 
> WD-6596-04-01 
22 FOR WIRING 44 44 
O DETAILS o al 
23 45 45 
o Oo Oo 
020445 ra 020495 a a 
ee Qo q ETHERNET CONNECTIONS WA S BUILT" 
Lied ial 
* (020451) (020451) 
47 47 
ia a 
JERVIS B. AIRPORT SYSTEMS 
48 48 GROUP 
020449 020499 Lo Lo WEBB 34375 W, TWELVE MILE RD 
FARMINGTON HILLS, MI. 
COMPANY 48331-5624 
TRE™’ SYSTEM WIRING DIAGRAM 
ETHERNET 
TOMER WASHINGTON DULLES INTERNATIONAL AIRPORT 
SOUTH BAGGAGE BASEMENT EDS IN-LINE HIGH VOLUME BAGGAGE SCREENING 
FRET Ses San Sane 
06/09/11|NO CHANGES TO THIS SHEET wic | SH a MEER ee , sae aE aE ane Pe NAL 
05/17/10[ADDED MANUAL ENCODE, TELE-POWER. CHANGED LOCATIONS | AH SH | 034 = ae — 
SN SPE B6596 NUMBER WD-6596—02-00 REVISION 
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/ o 
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a 

3 
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4 
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o 

sad. | 6 

st 
contacts*) 4 
, ; 7 
RJ—45 

JACKS a 
8 

ia] 
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10 
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"1 
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12 
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FOR WIRING DETAILS 
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JERVIS 8. WEBB COMPANY 


BHC ENCLOSURE 


NOTES: 
> ea & A REMOTE 1. ALL DASHED WIRES INDICATE FIELD WIRES TO BE SUPPLIED 
BHC MEDIA CONVERTER PANEL ueeueai> CON.4 MDS COMPUTER BY THE WEBB ELECTRICAL CONTRACTOR. 
a fy) BHC/Mc-2 rf an | sus /uca >| 2. FIELD WIRING TO BE TAGGED BY ELECTRICAL CONTRACTOR. 
a 3. ALL CAT—5E ETHERNET CABLING ON THIS SHEET IS BELDEN 
LO AERORT PRINTER &s, #1533R UNLESS OTHERWISE SPECIFIED. 
2 2 
Fs 4 SPARE 
MEDIA_CON.10 } 
3 3 Hici0/Mc2=P35 CB=3/wc1d> 
ia] cH MC10 +9 MCP/IB-3 
re 3S ints 
MEDIA_CON.12 
4 a uC E> EMD 
o Ge et CTD | MCP/IB—1 
SO Ho MAR 
5 5 wes /Mc2—P5> 
SN | a8 SO 
6 op | 6 
sT 
a conracts*) & Sane 
Tas : 7 
RJ-45 
B.-eKe o SPARE 
A 
8 8 
a q SPARE CABLE ASSEMBLY SCHEDULE 
CABLE # TYPE MANUFACTURER | PART # 
9 9 ETHERNET 
o a SPARE Oeil gat (on 6) BLACK BOX | EVNSL641 
FIBER 
® ORANGE BELDEN M9B013 
10 10 (62.5/125um) 
a a SPARE 
‘4 ‘4 } BSD2_ STATUS DISPLAY 
ia a SPARE <Pv207/swa> 
= | pv/ssB2-07 
DETAIL “A” 
12 12 BSD2_STATUS DISPLAY’: 
O Oo SPARE 6v208/swa><'> “ 110 PUNCHDOWN CONTACT 
ere | a pvsse2-08. TERMINATION BOX 
BSD2_STATUS., DISPLAY: () _ 
NER 6v209/Swa > 7 mal = TWISTED PAIR 
J sw 4 1] PV/SSB2=09 
MC8& Si STATUS DISPLAY SR Q\.BRN/WHT 5 
MEDIA CON.B EVENO/SWA ONS Bu espo-10 § (WHT/BRN : 
: GRN/WHT), g 
es g 
BSD2 STATUS DISPLAY > WHT/BLU () : 
Hai /swe>D { BLU/WHT 
» +17] PV/SSB2-11 f Vy) 
z a 5 WHT/GRN f\ 
; BSD2_STATUS DISPLAY > fORG/WHT 
CRI SWE) WWHT/ORG 
LS — | PV/SSB2-12 U 
110 CONTACT CONNECTION DETAIL 
ODDDDD/PXX> CABLE NUMBER 
DDDDDD — DESTINATION EQUIPMENT 
PXX — MEDIA CONVERTER PORT # 
FXX — FIBER OPTIC CABLE 
ETHERNET CONNECTIONS WA S BUILT" 
JERVIS B. AIRPORT SYSTEMS 
GROUP 
WEBB 34375 W. TWELVE MILE RD 
FARMINGTON HILLS, MI. 
COMPANY 48331-5624 
TRE™’ SYSTEM WIRING DIAGRAM 
ETHERNET 
CUSTOMER WASHINGTON DULLES INTERNATIONAL AIRPORT 
SOUTH BAGGAGE BASEMENT EDS IN-LINE HIGH VOLUME BAGGAGE SCREENING 
FORE SeseNe Tan SaoeaT 
A [06/08/11 | NO CHANGES TO_THS_SHEET wic | 3H SP NONE ss HUBER |" 04/26/2010 [i FOR APPROVAL 
‘A [05/17/10 [REMOVED MANUAL ENCODE STATIONS AH_| SH | 034 | —— = a a REVISION 
04/29/10 UPDATED PER CUSTOMER REVIEW COMMENTS AH [SH | 014 8 ccn BE596 cae WD—6596—02—00 
oak REV DATE DESCRIPTION BY _|[cHKo Byfocr no.| D SHEET 5 OF 5 C 


‘ 


red Papel Jincres, 
t 


t phir ad aan] 
S to 1 20 2 39 35 40 45 so 


Me 
i 
i 


A 


JERVIS B. WEBB COMPANY 


y 


JERVIS 8. WEBB COMPANY 


v 


A 
TBAGGACe MEDIA MEDIA TBAGGAGE. NOTES: 
VPN1 VPN2 1. ETHERNET BLOCK DIAGRAM IS FOR ETHERNET COMPONENT LAYOUT AND FUNCTIONALITY 
ANAS CONVERTER CONVERTER! * SE reas DEPICTION ONLY. DO NOT WIRE THE ETHERNET BASED ON THIS DRAWING. 
A A A A 2. REFER TO THE SYSTEM WIRING DIAGRAM (WEBB# WD-—6596-—02-00) FOR SYSTEM 
INTERCONNECTION WIRING DETAILS. 
3. REFER TO INDIVIDUAL ASSEMBLY WIRING DIAGRAMS (WEBB C6596—XX—XX) FOR 
(48 PORT) (48 PORT) INTERCONNECTION WIRING DETAILS AND POWER REQUIREMENTS. 
ETHERNET ETHERNET 4. ALL COMPUTERS, NETWORK, AND ASSOCIATED COMPONENTS SHOWN ARE 
SWITCH SWITCH REPRESENTATIONAL ONLY AND ARE NOT INTENDED TO IMPLY SIZE OR ARRANGEMENT. 
A 192.168.130.151 NSW-1 NSW-2 A192.168.130.152 5. ALL CONNECTIONS ARE 100 BASE—T ETHERNET UNLESS 
(1)} XA) OTHERWISE SPECIFIED. 
4 PS tea aa es SNES eNS SS aS SPOON Seater rs A 6. SEE WEBB# BD-6596-02—00 FOR SYSTEM TOP ASSEMBLY. 
) X(1) ||eeeoeoo ogg ecg X(t) eoeeseodeso gad is 7. SEE WEBB# BD-6596-02-02 FOR CONTROLNET NETWORK 
x(5)) | X(4)] X(3) X(5) x(5y XA) | XQ] X(4) XO) BLOCK DIAGRAM. 
Q la ofol | o Q la olo|_lo \ aT) YQ Ja elo} |o Q la oclo}_lo 
g \g\eRsisigie) | gs eieelgeisig a 4 g \f/elRa|sigit | g /S/eelg/sisig 
= TIFT IElEl l= a bathed bel ee ME-1 ME-2 = TIFT IElEl ele a hel hed be sd de 
PLC-CBIS-1A 4&  PLC-CBIS-2A 4 ENCODE CONSOLE ENCODE CONSOLE __ PLC-CBIS-1B 4 — PLC-CBIS-2B - 
A 192.168.130.164 A 192.168.130.167 192.168.130.150 FIBER 1B 192.168.130.151 A 192.168.130.165 A 192.168.130.166 
A A 
BHS 
A MONITOR A 
A ETHERNET SWITCH (SWITCH ] SWITCH 4) ETHERNET SWITCH 4 
BSD1 BAG Pa oa A 192.168.130.153 192.168.130.154 A BSD2 BAG 
STATUS DISPLAYS. : STATUS DISPLAYS 
re] 83] - val oS ral 
= = | | | USB X4 [4 PORT KVM| USB x4 a 
B8888ago 8888480 + _ E EEEEti 
APV/SSB1-08 « PV/SSB1-09 ~ PV/SSB1-10..4 PV/SSB1-11_ aPV/SSB1-12 a PV/SSB1-13 VGA X2)|_ || VGA X2 & PV/SSB2-07 @ PV/SSB2-08 ~PV/SSB2-09 « PV/SSB2-10 @PV/SSB2-11 a PV/SSB2-12 
192.168.130.181 192.168.130.182 192.168.130.183, 192.168.130.184 192.168.130.185 192.168.130.186 192.168.130.187 192.168.130.188 192.168.130.189 192.168.130.190 192:168,130.191 192.168.130.192 
= os — os — os I os 
1 2 1 2 
192.168.130.116 [a aA L192.168.130.117 192.168.130.111 la 192.168.130.112 
ee REPORT SERVERS SORT SERVERS 
COMPUTERS, UPS, AND. PRINTERS A192 108-190.115 Bdge TOR 120.110 COMPUTERS, UPS, AND PRINTERS 
SERIAL-5 00 0) oh af =| : = ae ae, A [O00 © }}SERIAL 
C= =r C= od “ 
PORTE OnE Ted REPORT PRINTER - 1 Ul MDS-1 MDS-2 “Ure REPORT PRINTER - 2 SGHTELOWEnaSa 
A 192.168.130.105 A A 192.168.130.125 USER INTERFACE COMPUTER COMPUTER USERINTERFACE A 192.168.130.126 A & 192.168.130.106 
WORKSTATION A 192.168.130.140 A 192.168.130.141 WORKSTATION : 
pes A 192.168.130.145 A 192.168.130.146 Pes 
TAG READERS & DIMENSIONERS DVI DETECTIVE X4 [DET] [DET] DVI DETECTIVE x4 
UPS-1 STAND ALONE NETWORK A UPS-2 
ML1 ATR ML2 ATR DVI X4 DVI X4 4 & 
ALIS-400 ALIS-400 & 
OTCA o OTCB DVI SWITCH X4 
ETHERNET SWITCH é 
a a SWITCH 1 By ee A 
® |sls/o/S/E/GJe Q Isls|_/G/E/ lb - a = ® |sis|_/G/E/ Sle ® Isis|_/G/E/ Sle 
V/s 55a) « | © [&\5/Sis/s\sla nearer —— ao 2 a | © 5lzlsls sla a | © [BIB Zl8l6/6 a 
8 /eSlk/als sis g [B/B/8 g\gig/s BHS STATUS DISPLAYS SATELLITE 8 |/elels|/s/sle 8 /B/B/£/a\8/3/8 
= i Be Bl = he pele pene RDT Saeco 24" MONITOR X 4. REPORT PRINTER - 3 = il Bl = il Bel 
PLC-OUT-1A PLC-OUT-2A = A 192.168.130.147 A 192.168.130.127 PLC-OUT-1B PLC-OUT-2B 
192.168.130.160 192.168.130.163 BDD-D1 SSE BDD-D2 CBRA - TSA 192.168.130.161 " 1poest 
STEIN REMOTE SATELLITE MDS STATION AS Bul Er 


ANvaNOD BEIM "8 SING 


JERVIS B. AIRPORT SYSTEMS 
GROUP 
WEBB 34375 W. TWELVE MILE RD 
FARMINGTON HILLS, MI. 
COMPANY 48331-5624 


DRAWING 
ME 


ETHERNET NETWORK 


METROPOLITAN WASHINGTON 
AIRPORTS. AUTHORITY 
JERVIS WE 


BLOCK DIAGRAM 
a MOUTH BAGGAGE” BASEMENT 608 INLINE FIGH VOLUME BAGGAGE SCREENING 
Re er ena ae ee a 
Ay [04/21/10 [ADDED VPN CONNECTIONS DBD | SH NONE get’ S_HUBER on 11/03/09 BWRe FOR APPROVAL 
DRAWING SIZE Roe BD—6596—02-01 REVISION 
A, 01/12/10] REVISED PER CUSTOMER REVIEW COMMENTS AH SH 014 We og 
Taga REV DATE DESCRIPTION BY _|cHKD By/ocr No.]| D0 SHEET 1 OF 2 D 


A 


74 


Q 
| 
I 
0 


40 45 50 


M 


y 


v 


JERVIS 8. WEBB COMPANY 


NOTES: 


ds 


ETHERNET BLOCK DIAGRAM IS FOR ETHERNET COMPONENT LAYOUT AND FUNCTIONALITY 
DEPICTION ONLY. DO NOT WIRE THE ETHERNET BASED ON THIS DRAWING. 


a ADDITIONAL CONNECTIONS (48 PORT) (48 PORT) ADDITIONAL CONNECTIONS  — ~ ‘wiesconnection WIRING DETALS nn) TON SYSTEM 
ON SHEET 1 <¢ ETHERNET ETHERNET ) ON SHEET 1 3. REFER TO INDIVIDUAL ASSEMBLY WIRING DIAGRAMS (WEBB C6596-XX-XX) FOR 
) SWITCH SWITCH ( INTERCONNECTION WIRING DETAILS AND POWER REQUIREMENTS. 
NSW-1 4. ALL COMPUTERS, NETWORK, AND ASSOCIATED COMPONENTS SHOWN ARE 
ci NSW-2 REPRESENTATIONAL ONLY AND ARE NOT INTENDED TO IMPLY SIZE OR ARRANGEMENT. 
5. ALL CONNECTIONS ARE 100 BASE—T ETHERNET UNLESS 
OO0000D00D0000000 OdOOO00N0000O0C000N0 OTHERWISE SPECIFIED. 
0000000000000 [oKeKeNoRoKcKeNeKoNoNoMeKeK) 6. SEE WEBB# BD-6596-02—00 FOR SYSTEM TOP ASSEMBLY. 
fails ee iaininies! 7. SEE WEBB# BD-6596-02-02 FOR CONTROLNET NETWORK 
X(5) (12 PORT) X(1) (12 PORT) BLOCK DIAGRAM. 
BHC MEDIA BHC MEDIA 
4 CONVERTER 1 CONVERTER 2 
A im foo 5 oooo Oo doo 6 so0o8 rn 
MEDIA MEDIA — 
eee eee rial Tar ial [B\ B\_B\ \ 
goo -posuDD o gone osuo0 » lelelellglellg glglgiglyly » lelelelglslellg glgigiglely 
S l2/3/s/slelsl/slelalelsisis & $ |zZ/elslelsls|is glelelsis|s 
MEDIA 
oo00 0 00000 A A oO o00 0 00000 IB-6 A a ea aeeae CONVERTER IB-5 rN 
A 192.168.130.19 A 192.168.130.18 
MEDIA MEDIA oa Bh B 
CONVERTER A CONVERTER « Jelelalele al eleleleleile 
192.168.130.136 z /e/e/e ele lei[s/elele|z 2 |2 
|b 
G&|a - & 
wo “Vale? [\ [S\___[\ IB-3 [B\ [a B\ 
4a Re « lalslvlstslellslslelelelels A 192.168.130.16 « lalelvlstelsllslslelelelele 
192.168.130.135 uu rN i ziotelelslalelelelals/sis : zlotsleleleilelelelals/sis 
192.168.130.138 B LSTEVSSE/SIS|/S/ 8/8 (S515 ]5 = lS) 112 /8]8]] 22] 2 |2|5/5]2 
oe MEDIA eer 
5/5 _ ABB" & O_@eesseess]/ CONVERTER B78 
co “alg? A 192.168.130.21 A 192.168.130.20 
A ral ee BB B\ hating T 
192.168.130.137 oe 4d e lalzlzlelslels/gielg/elels 
192.168.130.173 2 fefeiglelgisllefy s/s 22/2 
i A if al i cl Ga ad i 
: ne )8 16), IB-1 4 i 
: els S S S o 3S 3S 3S g 
i rs ge a A 192.168.130.14 Teleleltalelekcn i 
192.168.130.172 uu rN e |2/2/2]2/2/2||2]2|2|3| 2/2 |2 e (a]zizl2i3|z|leigigigiglele 
192.168.130.175 © JEEISIE/EIEVE/ZIEIE/S/8/8 S JEPISIE/E/E//E/EIEIE(S/S/8 
A MEDIA ©. 
ay 000 0 00000 
fis | ale IB-10 A CONVERTER IB-9 A 
IcD4 o]o ” us 
A gir . A 192.168.130.26 Bw mia ial A 192.168.130.22 
192.168.130.174 ney “hb a glielol-: 
192.168.130.177 & /8/2/8/8/8/2|1s 8 Ea aod ied bd 
wos "al a IB-2 4& 
RIK [8\ [8\ [8\ [8\ [8\ [8\ [8\ [B\ 
192.168.130.176 ca 4 s eelelalslgkieehlel & 192.168.130.15 ~ lsighvalelel eek tyls 
192.168.130.179 Se asteisigi(siglalgigiss Se ateteisi(s elalgialas 
=| MEDIA 
pc 4/8) 4, IB-12 4 : soesees] | CONVERTER IB-11 4 
ICD6 o|o 
A eye A 192.168.130.25 A 192.168.130.24 
192.168.130.178 Tu A [O\ [O\___[B\ [B\ 
192.168.130.195 e /B/2/2/2/2/2|/2/3/3/3/2/e]2 SBB 
PLC OG} i 
A er Nae nea IB-4 a 
192.168.130.194 ru eee lelalelellstalelelalel: A 192.168.130.17 
> fetes TSS StS Eel el alas " " 
as HABE = AS BUILT 
ene JERVIS B 
, AIRPORT SYSTEMS 
A 192.168.130.23 GROUP 
WEBB 34375 W. TWELVE MILE RD 
SBB FARMINGTON HILLS, MI. 
COMPANY 48331-5624 
fhe’ ETHERNET NETWORK 
BLOCK DIAGRAM 
CUSTOMER WASHINGTON DULLES INTERNATIONAL AIRPORT. 
SOUTH BAGGAGE BASEMENT EDS IN-LINE HIGH VOLUME BAGGAGE SCREENING 
Ree S HUBER BA HEMPHILL BA HEMPHILL Tau D ALLEN 
A | 04/05/11|NO CHANGES TO THIS SHEET DBD SH SALE CHECKED DATE DRAWING 
Ay |04/21/10|NO CHANGES TO THIS SHEET DBD [SH oe gS HUBER 1/05, 09 sms FOR = 
A [01/12/10 REVISED PER CUSTOMER REVIEW COMMENTS AH [SH | 014 8 sen ene BD—6596—02—-01 
waneonre agrioay.. [REV| DATE DESCRIPTION BY |CHKD By[ocr No] D0 SHEET 2 OF 2 C 


A 


A 


CONTINUED ON 
BD-6596-02-01 


ETHERNET 


COMMS. CONTROLNET A 


CONTINUED ON 


BD-6596-02-01 


ETHERNET 


y 


JERVIS 8. WEBB COMPANY 


CONTINUED ON 
BD-6596-02-01 


ETHERNET 


FUNCTIONALITY DEPICTION ONLY. 


. PLC NETWORK BLOCK DIAGRAM IS FOR PLC COMPONENT LAYOUT AND 
DO NOT WIRE THE CONTROLNET BASED ON THIS DRAWING. 


2. REFER TO THE SYSTEM WIRING DIAGRAM (WEBB# WD—6596—02—00) FOR SYSTEM 
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AND BACKUP RACKS. THE REDUNDANCY MODULE FORCES THE BACKUP TO BE ONE NODE HIGHER. 
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BAGGAGE SYSTEMS MAIN TERMINAL 
OPERATIONS AND MAINTENANCE 


WASHINGTON DULLES INTERNATIONAL AIRPORT, WASHINGTON D.C. 


BAGGAGE BASEMENT 


FOREWORD 


The Metropolitan Washington Airports Authority depends on the secure use of information technology, and the 
effective management, operation and delivery of these services to meet the Airports Authority’s mission. To ensure 
protection of our critical information technology resources and minimize the risk from threats, we are issuing this 
revised Directive with updated, more secure, policies and procedures. This Directive supersedes all previous 
versions of information technology policies. 


These new security standards are stronger to keep pace with ever-increasing cybersecurity risks. Effectively 
implementing security within any organization is a team effort in which everyone has a vital role to play. Each 
employee shares in the responsibility for securing and protecting our facilities and information technology assets. 
Everyone must remain vigilant at all times to safeguard the Airports Authority’s mission. 


The Directive’s Rules of Behavior define the minimum standards of security behavior required of all users, 
including password rules and personal use restrictions. It only takes one oversight or failure by a single person to 
place critical systems and information at risk. Consequently, users are the front line of our defense, and they are 
expected to know and comply with this Directive as well as all other applicable laws and regulations governing 
information technology security. 


The Directive applies to the entire Airports Authority and all bodies that operate within its facilities. It also applies 
to all contractors, collaborators and third parties that connect to, operate with or exchange data with the Airports 
Authority’s technology infrastructure. New mandatory training is being introduced to make sure everyone is familiar 
with these updated policies and procedures. The Directive will be available for reference on the Airports Authority 
intranet. 


Thank you for your help with this crucial responsibility of keeping our critical information and systems secure. 


igi = _— zl2Zz/3_ 
ohn E. Potter Date 


President and Chief Executive Officer 
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Background 


To remain consistent with the Metropolitan Washington Airports Authority corporate strategy, the shared 
technology approach to modernizing information technology across the Airports Authority began in 2013. As a part 
of aligning technology to corporate strategy, groups were consolidated, technology was insourced, a consolidated 
Data Center was implemented, a common communication network was initiated, and wireless communication and 
digital innovation platforms were introduced. This common corporate strategy consists of the standardization, 
consolidation and consistent method of approach to all technology hardware, software, network communication 
systems, wireless communication and digital innovation platforms, and associated support services across the 
Airports Authority. 


This approach ensures sustainable excellence by creating a stable core system of operations and a modernized 
technology infrastructure that can support the implementation of next generation technologies in a timely, efficient 
manner. Moreover, this shared technology approach will enable the Airports Authority to reduce its technology 
footprint, ease interoperability between various systems, enhance cybersecurity, reduce operational costs and 
provide efficient operation. 


Purpose 


This Directive sets forth the Airports Authority policy, procedures, roles and responsibilities regarding Information 
Security implementation across all aspects of the enterprise. This Directive applies to both Information Technology 
and Operational Technology systems. 


Distribution 


This Directive is distributed to all employees and contractors at the Ronald Reagan Washington National Airport, 
the Washington Dulles International Airport, the Dulles Toll Road and the Rail Office. 


Scope 


This Directive applies to the entire Airports Authority and all operating bodies within its facilities. All departments, 
programs, and projects engaged in the evaluation, selection, acquisition, implementation, maintenance and/or 
operation of new, refresh and/or upgraded technology must follow and fully comply with this Directive. It also 
applies to all contractors, collaborators, and third parties with technologies engaged, connecting to, interoperating 
with, and/or exchanging data with the Airports Authority technology infrastructure. 


For all aspects of Information Security applied within Airports Authority jurisdiction, this Directive holds the final 
deposition and supersedes others, if any. It applies to all past, developmental and future technology efforts. Any 
existing arrangement that does not comply with this Directive will have to plan necessary activities, timelines and 
waiver requests where applicable to successfully incorporate the security processes and requirements specified in 
this Directive. Ongoing implementations may have to adjust to successfully comply with this Directive. 


Common Information Security Approach 


The goal of this Directive is to create a consistent, documented, common security approach across the Airports 
Authority. Via this Directive, the Airports Authority formally has adopted the National Institute of Science and 
Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity as its official security 
framework (The Framework). This Framework is a risk-based approach to cybersecurity and was developed with 
critical infrastructure in mind. The Framework incorporates best practices from both federal organizations (National 
Institute of Science and Technology (NIST) and private sector organizations (Center for Internet Security (CIS), 
Open Web Application Security Project (OWASP), Control Objectives for Information and Related Technologies 
(COBIT), International Standards Organization (ISO) and International Society of Automation (ISA). Information 
Security is an ever-evolving field with continuously changing standards. As a result, the standards will be updated 
as needed to support the Airports Authority’s risk management and cybersecurity needs. In cases where a standard 
does not provide guidance, contact the Office of Technology’s Information Security. 
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Roles and Responsibilities 


Effectively implementing security within any organization is a team effort where everyone has a vital role to play. 
Clearly defining and explaining who has what strategic role, responsibilities and accountability in the organization is 
critical to success. 

Everyone shares joint responsibility in securing and protecting our facilities and Information and Operational 
Technology (assets). Consequently, everyone must remain vigilant at all times to safeguard the secure delivery of 
the Airports Authority’s mission. This section defines who is responsible for security activities in support of the 
Airports Authority’s mission and what security activities must be completed to mitigate risk across the organization. 


All Users 

Users act as the front line of the Airports Authority’s Information Security defenses. As such, users must recognize 
their responsibilities and remain constantly vigilant to protect the Airports Authority’s networks and assets 
whenever possible. The Information Security Rules of Behavior specifies the security behavior (e.g., passwords, 
personal use rules, etc., expected of ALL users without exception). 


Users are individuals who have been granted access to the Airports Authority’s assets to perform assigned duties. 
Users may include, but are not limited to, employees, vendors, volunteers, or other affiliates of the Airports 
Authority. All users are responsible for protecting the Airports Authority’s information from unauthorized 
disclosure, modification, deletion and usage. Users will comply with all requirements in the Rules of Behavior in 
this Directive, any other applicable laws, and regulations. Users will report sensitive security issues, misuse, and 
violations of this Directive to their supervisor or the Chief Information Security Officer (CISO) as quickly as 
possible. 


The Rules of Behavior will be reviewed and accepted by all users employed by or conducting work on behalf of the 
Airports Authority before they are granted an account on the Airports Authority’s network. Users are required to 
review and accept the Rules of Behavior on an annual basis to retain their Airports Authority network access. 


Some Users, based on their position in the Airports Authority or their job function may have additional roles. These 
additional roles are defined below. 


President and Chief Executive Officer (CEO) 

The CEO bears ultimate accountability and responsibility for risks to the Airports Authority, including cybersecurity 
risks to informational and operational assets wherever those systems may reside. As such, the CEO is responsible 
for ensuring that all Airports Authority departments comply with this Directive. 


Executives 

Executives are responsible for the effective delivery of their respective portions of the overall Airports Authority 
mission. Executives who have managerial and financial accountability for the data within an information or 
operational system will work with the CISO to determine the sensitivity of the data to ensure appropriate security 
controls are implemented. 


Executives will ensure that staff are assigned and participate in those security activities required to assure the 
security controls are working. These include but are not limited to periodically verifying User access to applications 
and participating in Business Impact Assessments and Disaster Recovery Exercises. Executives are also required to 
ensure their staffs comply with the Rules of Behavior. 


All systems and applications used within the Airports Authority or external systems hosting Airports Authority data 
are required to be security certified prior to use and at least once annually thereafter until they are no longer in use. 
For systems that do not pass the security certification process, executives will be required to formally accept the 
security risks identified before these systems are authorized for use. 


Chief Information Officer (CIO) 
The Airports Authority’s CIO is responsible for ensuring the successful operation, security and availability of the 
Airport Authority’s network and all systems operating on it or connected to it. 
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For enterprise systems providing all mission/business services (authentication systems, email, etc.) the CIO retains 
responsibility and accountability for the data security of those systems. The CIO also will assume data security 
responsibility where managerial and financial accountability has not been explicitly defined. 


Chief Information Security Officer (CISO) 
The CISO is responsible for developing, implementing, and administering the Airports Authority’s Information 
Security program, and reporting security risks, incidents, and vulnerabilities to the CIO and Executives. 


The CISO is accountable for the development and implementation of the Directive for information systems security 
management activities, and has jurisdiction over security related events, functions, vulnerabilities and threats. The 
CISO may execute authority to remove any content or system from the Airports Authority’s networks, 
Internet/Intranet sites, servers, or workstations. The CISO has authority to disable any account and/or confiscate 
equipment when inappropriate or malicious activity has been discovered during an investigation of a security 
incident. 


The CISO is the internal and external point of contact for all information security matters, incidents and concerns. 
The CISO will support, review and approve updates to this Directive and other security guidance documents as 
needed. 


Contracting Officer (CO) 

Contracting officers (COs) play a critical role in supporting the security goals of the organization. Contracts in 
which Airports Authority owned information will be shared with, hosted or maintained by a contractor require 
security certification by the CISO. For those contracts, COs must ensure that appropriate contract language, 
approved by the CISO, is included in the solicitation documents. 


Contracting Officer Technical Representative (COTR) 
COTRs play an essential role in supporting the security goals of the organization by ensuring Airports Authority 
owned assets entrusted to contractors are protected in accordance with the information security terms of the contract. 


COTRs must provide contractors with a copy of the Rules of Behavior prior to the contactor’s access to the Airports 
Authority assets. COTRs must ensure contractor access is removed on the last day of their services. If the contract 
period of performance is greater than one year, the contractor access must be validated on an annual basis. 


Technical Staff 

Technical staff includes the Office of Technology or other personnel (contractors, vendors, etc.) who manage assets 
for the Airports Authority. Technical staffs are typically in control of the Airports Authority’s assets and are the 
custodians or guardians. Technical staff plays a critical role in implementing the protection requirements defined by 
this Directive. They are responsible for maintaining the security measures defined in the standards. Technical staff 
members must be familiar with all standards of this Directive that are applicable to the system function(s) or role(s) 
they perform. 


Information Security Group (ISG) 
The Information Security group (ISG), under the direction of the CISO, is responsible for the information security- 
related affairs of the Airports Authority. 


In order to manage systems and enforce security, the ISG will log, review, and otherwise utilize any information 
stored on or passing through Airports Authority assets and systems. This includes, but is not limited to electronic 
data that is created, hosted, managed, transmitted, received, or stored on assets owned, leased, administered, hosted 
by another entity, or otherwise under the custody and control of the Airports Authority. 


The ISG will develop, promulgate and manage an organizational security architecture, with inputs from relevant 
groups. The ISG also ensures that controls among subsystems, including monitoring and communications, meet or 
exceed minimum standards. 


The ISG will develop and provide security awareness training for all Airports Authority Users and contractors. 
Training will be required within 90 days of being provided authorized access to the information system. Training is 
required annually thereafter. 
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The ISG will facilitate information sharing of Airports Authority information with external partners. The ISG also 
will determine the types of automated mechanisms or processes needed to best facilitate this information sharing. 


The ISG will determine which information systems require specialized access agreements based on sensitivity of the 

data in the system and overall potential risk to the organization. Where a specialized access agreement is required, 

the ISG will work with the relevant personnel to: 

e Develop and document access agreements for organizational information systems 

e Review and update as necessary the access agreements at least annually 

e Ensure that individuals requiring access to organizational information sign appropriate access agreements prior 
to being granted access. Access agreements will be re-signed on at least an annual basis or after they have been 
updated. 


Compliance and Violations 


This Directive is the benchmark for information security safeguards. All Airports Authority assets whether 
managed internally or externally must comply with the requirements of this Directive. All activity from the Airports 
Authority assets is subject to monitoring by authorized staff to ensure system integrity and compliance with the 
Directive. Assets not in compliance with the Directive may be subject to being disabled or removed by the ISG, if 
determined to pose an unacceptable risk or threat to the Airports Authority. 


Users must understand their roles and responsibilities regarding information security issues and protecting 
information as set forth in the Directive. Failure to comply with the Directive may result in disciplinary action as 
outlined in the Airports Authority Conduct and Discipline Directive, HR-O03A. 


Contractors and subcontractors who fail to comply with the requirements of this Directive may face termination of 
their access to Airports Authority assets, removal from the contract, termination of the Airports Authority-related 
consulting agreement, termination of other active Authority consulting agreements and/or potential disbarment from 
doing future business with the Airports Authority. Penalties will depend on the severity of the failure and its impact 
on the Airports Authority’s assets. 
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Rules of Behavior 


Acceptable Use 


Users of Airports Authority assets are expected to abide by the content specified in these Rules of Behavior, 
regardless of whether a particular Airports Authority asset is located internally or externally, such as in a cloud 
infrastructure or similar off-site hosted system. 


Assets and capabilities are provided to users for the facilitation of Airports Authority business and are explicitly 
owned by the Airports Authority. The Airports Authority owns all property rights for any content or other material 
created, received, transmitted, stored on, or deleted from any Airports Authority information system. 


General 


Users will respect the confidentiality and integrity of all Airports Authority assets, familiarize themselves with the 
Airports Authority Information System Security Directive, and report any security weaknesses or breaches 
immediately to the ISG. 


Users will respect security controls for Airports Authority assets and not attempt to circumvent those controls. 
Users will not access or attempt to access any Airports Authority assets which they have not been granted 
authorization to access. 


Users must treat passwords and other access credentials as private and highly confidential. Sharing of credentials is 
strictly prohibited. Users are required to change their passwords every ninety (90) days. Users will take reasonable 
steps to prevent the disclosure of their passwords, security tokens, or similar information to unauthorized users. 


Users will refrain from activities that may intentionally or inadvertently disrupt, impair, or undermine the 
performance of Airports Authority assets. These activities include, but are not limited to, the following: 
e = Intentionally causing any type of damage to Airports Authority-owned assets. 
e = Intentionally downloading or introducing computer viruses, malware or malicious code to an Airports 
Authority asset. 
e Using tools, devices or other actions that bypass security mechanisms. 
e Downloading, installing, or running security utilities or tools (e.g., password cracking programs, 
network discovery, etc.) without prior written approval from the ISG. 
e Sending chain letters, unsolicited mass emails, gambling site information or pornography. 
e Divulging to unauthorized persons any details regarding Airports Authority assets or architecture 
unless previously authorized. 


Restricted and confidential data must not be stored on any laptops, mobile devices, or removable media such as 
USB, CD, DVD, without prior approval. Restricted and confidential data stored on these devices must be encrypted. 


Users will not use cloud or Internet-based hosting services to store or share Airports Authority data unless 
specifically approved and acquired through the information technology office. Users should take such steps to log 
off or terminate connections to Airports Authority assets at the end of every workday. At a minimum, Users must 
lock devices when they are left unattended. 


Users of Airports Authority-approved mobile communications devices will ensure that precautions are taken to 
prevent theft or loss. Airports Authority mobile devices will be physically secured when left unattended. Users must 
immediately report any loss or theft of a mobile device containing any Airports Authority information. In the event 
of a lost or stolen device (Airports Authority- owned or personally-owned) that contains Airports Authority 
information, Users will immediately report the loss. The Airports Authority reserves the right to clear its 
information from the device by any available technical means. 


It is highly recommended that users not download and store sensitive system data to their workstations. User and 
contractor endpoint devices and workstations are not backed up. In the event a user downloads Airports Authority 
data to their endpoint or workstation, they become responsible for protection of the data downloaded and Data 
Custodians for that information. Responsibilities related to this activity include ensuring that system data is not 
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shared with unauthorized individuals or sent via the network, such as by email to unauthorized individuals. 
Sensitive system data, if printed, must not be left accessible to unauthorized individuals and should be carried by the 
User or secured in a locked cabinet or drawer when not in use. 


Users and contractors must never back up Airports Authority data to any portable devices without prior approval. 
Also, users and contractors must never back up Authority data to any cloud infrastructure without prior approval. 


Ownership 


Airports Authority assets are the property of the Airports Authority and intended for official Airports Authority 
business use only. The Airports Authority retains property rights to all information created, generated, replicated, 
processed, stored, transmitted, and received by users in the course of using its assets. 


Privacy 


Users of any Airports Authority assets will not have any expectation of privacy in any message, file, image, or data 
created, sent, retrieved, or received. 


All user activity on any Airports Authority information system is subject to monitoring, logging, auditing, review, 
dissemination and archiving by the information technology office. Internet traffic over Airports Authority assets will 
be inspected for malicious code or inappropriate content prior to delivery to the user. Internet activity will be 
monitored for violations of acceptable use, as well as any other applicable laws, regulations, or Airports Authority 
policies and procedures. 


User’s personal information should not be stored on Airports Authority assets and is done at the user's risk. Such 
information also may be subject to disclosure or review by Airports Authority officials. 
Use of Portable Devices 


Removable media is one of the easiest ways to compromise systems. As such, security controls to reduce risks 
around the use of these devices is crucial to the success of information security. 


The Airports Authority only allows registered and approved removable media, vetted by the ISG, to be connected to 
Airports Authority information systems. If a User believes there is a legitimate business need to utilize such 
removable media, the User must contact the Helpdesk to make the request. 


Personnel with ISG-approved removable media are responsible for physically controlling and securely storing such 
approved media at all times, and protecting such approved information system media until the media is sanitized 
and/or destroyed using approved equipment, techniques, and procedures. 


Users immediately must report to any loss or theft of any portable device containing any Airports Authority 
information. 


Incidental Personal Use 


Personal use is the utilization of Airports Authority assets for purposes not related to conducting the business of the 
Airports Authority. In general, incidental personal use of the Airports Authority's assets, such as Internet access and 
email, is permitted, unless it: 
e Interferes with the productivity or work performance of the User or other users 
e Adversely affects the efficient operation of any assets or the Airports Authority’s effectiveness in 
conducting its business objectives and mission 


Prohibited Use 


Certain activities are prohibited when using Airports Authority assets. These prohibited activities include, but are 
not limited to: 
e §=6© Accessing, downloading, transmitting, printing, or storing information with sexually explicit content. 
e Downloading or transmitting fraudulent, threatening, obscene, pornographic, intimidating, defamatory, 
violent, harassing, or discriminatory messages or images. 
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e Accessing any gambling sites. 

e Pursuing personal profit or gain or engaging in outside employment or personal business, unauthorized 
fundraising or political activities. 

e Unauthorized downloading, printing, or transmitting of information protected by federal or state copyright 
laws. 

e Mi£susing or misapplying Airports Authority information access privileges. 

e Using software in violation of Airports Authority vendor licensing agreements. 


Personal Devices 


Personally-owned devices will not be connected to Airports Authority assets or used to store Airports Authority 
information without prior approval. A User must sign a Smartphone Waiver Form to be authorized to use his or her 
personally-owned mobile communications device(s) to access any Airports Authority asset. 


Access privileges to Airports Authority assets through a personally-owned mobile device will be terminated upon 
the user's separation from the Airports Authority or for any other reason deemed necessary to protect the Airports 
Authority. 


Any Airports Authority data stored on a user's personal device is the property of the Airports Authority. 
Remote Access 


Remote access to Airports Authority assets only will be permissible through Airports Authority-provided and 
supported remote access software or services. Remote access will be provided after a determination has been made 
that access is required to perform assigned duties, or the User is defined as essential personnel by the Airports 
Authority. Users with remote access will ensure they connect to the Airports Authority from legitimately secure 
networks, such as a personally-owned home network or other validated network, and that the device used maintains 
basic security controls (e.g. anti-virus software) to prevent unauthorized access to all Airports Authority assets. 
Remote copying, moving, or storing of sensitive data to local hard drives, or other electronic media without prior 
ISG approval is strictly prohibited. 

Awareness Training 


Users with access to the Airports Authority’s information system must undergo Security Awareness training on an 
annual basis. New Users must complete the security awareness training within 90 days of being granted access to 
any Airports Authority’s assets. Users will acknowledge in writing or electronically that they have read and 
understood this Directive. 


Security Certification 


Security certification is necessary to ensure safeguards are in place or risks fully understood prior to Airports 
Authority use. All connections to the Airports Authority networks or hosts must be certified by the Airports CISO in 
writing prior to authorization for use. This includes, but is not limited to, all hardware and applications, whether 
hosted on Airports Authority property or in the Cloud, or managed by Airports Authority staff or external 
contractors. 


Two methods will be used to certify systems for Airports Authority use: 


e The most current version of the Statement on Standards for Attestation Engagements (SSAE) or 
e Certification by the Office of Technology’s ISG against the Security Directive Standards 


Statement on Standards for Attestation Engagements 
This standard is issued by the American Institute of Certified Public Accounts and has two types of reports: Type I 


and Type II. A Type II report identifies the type of security controls in place by the entity, and it is the report 
required to be certified using SSAE. 
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The Type II report must be provided to the ISG for review before contracts are finalized. The CISO will provide a 
certification for the system if the report satisfies the objectives of this Directive and there are no deficiencies or risks 
to the Airports Authority. Type II reports are issued for a fixed time period. To be certified, they must be current 


Certification by the Office of Technology’s ISG. 

Using the standards of this Directive, a security assessment will be conducted to determine the security posture of 
the system and risks to Airports Authority. Upon conclusion of the assessment, a certification for the system will be 
provided by the CISO if it meets the standards of this Directive. 

Failure to certify 

If an entity fails the certification process, the risks identified will be provided to the requestor for mitigation. If the 
risks cannot be mitigated and a decision to continue with the implementation and/or use of the system is made, then 
a System Security Risk Acceptance Form must be completed. The form must be signed by the executive responsible 


for the system. Additionally the system must be isolated from all other Airports Authority systems. 


The Security Certification process can be reviewed in more detail by clicking here. 


